BugTraq
[SECURITY] [DSA 3644-1] fontconfig security update 2016-08-08
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3644-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
August 08, 2016

phpCollab v2.5 CMS - SQL Injection Vulnerability 2016-08-08
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
phpCollab v2.5 CMS - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1898

Release Date:
=============
2016-08-08

Vulnerability Laboratory ID (VL-ID):
====================================
1

vBulletin <= 5.2.2 Preauth Server Side Request Forgery (SSRF) 2016-08-08
Dawid Golunski (dawid legalhackers com)
vBulletin
CVE-2016-6483

vBulletin software is affected by a SSRF vulnerability that allows
unauthenticated remote attackers to access internal services (such as mail
servers, memcached, couchDB, zabbix etc.) running on the server
hosting vBulletin as well as services on other servers on the local
n

[slackware-security] openssh (SSA:2016-219-03) 2016-08-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssh (SSA:2016-219-03)

New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+---------------------

[slackware-security] curl (SSA:2016-219-01) 2016-08-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] curl (SSA:2016-219-01)

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+

[slackware-security] stunnel (SSA:2016-219-04) 2016-08-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] stunnel (SSA:2016-219-04)

New stunnel packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+---------------------

[slackware-security] mozilla-firefox (SSA:2016-219-02) 2016-08-06
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2016-219-02)

New mozilla-firefox packages are available for Slackware 14.1 and 14.2 to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packa

[SECURITY] [DSA 3643-1] kde4libs security update 2016-08-06
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3643-1 security (at) debian (dot) org
https://www.debian.org/security/ Salvatore Bonaccorso
August 06, 2016

[SECURITY] [DSA 3642-1] lighttpd security update 2016-08-06
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3642-1 security (at) debian (dot) org
https://www.debian.org/security/ Sebastien Delafond
August 05, 2016

Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability 2016-08-05
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP
Object injection vulnerability
------------------------------------------------------------------------

Yorick Koster, June 2016

------------------------------

DLL side loading vulnerability in VMware Host Guest Client Redirector 2016-08-05
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

DLL side loading vulnerability in VMware Host Guest Client Redirector
------------------------------------------------------------------------

Yorick Koster, December 2015

------------------------------------------------------

[SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20) 2016-08-05
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-063
Product: VMware vSphere Hypervisor (ESXi)
Manufacturer: VMware, Inc.
Affected Version(s): VMware ESXi 6.0.0 build 3380124 (Update 1)
VMware vCenter Server 6.0 U2
Tested Version(s): VMware ESXi 6.0.0 buil

Sophos Mobile Control EAS Proxy Open Reverse Proxy vulnerability (CVE-2016-6597) 2016-08-05
Tim Kretschmann (tim kretschmann pallas com)
Application: Sophos Mobile Control EAS Proxy
Versions Affected: 3.5.0.3
Vendor URL: https://www.sophos.com/
Bugs: Open Reverse Proxy
Sent: 30.06.2016
Reported: 05.07.2016
Vendor response: 13.07.2016
Published BugFix by vendor: 28.07.2016
Date of Public Advisory: 05.08.2016
Reference: Sophos Case #6

Subrion v4.0.5 CMS - SQL Injection Vulnerability 2016-08-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Subrion v4.0.5 CMS - SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1893

Release Date:
=============
2016-08-04

Vulnerability Laboratory ID (VL-ID):
====================================
1

FortiCloud - (Reports Summary) Multiple Persistent Vulnerabilities 2016-08-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FortiCloud - (Reports Summary) Multiple Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1735

Release Date:
=============
2016-08-05

Vulnerability Laboratory ID (VL-ID):
====================

Typesettercms v5.0.1 - (Delete Files) CSRF Vulnerability 2016-08-05
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Typesettercms v5.0.1 - (Delete Files) CSRF Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1889

Release Date:
=============
2016-08-03

Vulnerability Laboratory ID (VL-ID):
=============================

[0day] net2ftp multiple XSS on unauthenticated users 2016-08-05
Jacobo Avariento (jacobo sofistic com)
*Summary*

Subject: net2ftp XSS in "command" and "url_withpw" parameters

Versions vulnerable: ALL (Tested on latest, version 1.0)

Category: 0-day

Impact: Medium

*Description of the product*

net2ftp is a web based FTP client (http://www.net2ftp.com/index.php)

Stored Cross-Site Scripting vulnerability in Count per Day WordPress Plugin 2016-08-04
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Stored Cross-Site Scripting vulnerability in Count per Day WordPress
Plugin
------------------------------------------------------------------------

Julien Rentrop, July 2016

---------------------------------------------------

Cross-Site Scripting in Count per Day WordPress Plugin 2016-08-04
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Count per Day WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

------------------------------------------------------------------------

Cross-Site Scripting in FormBuilder WordPress Plugin 2016-08-04
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in FormBuilder WordPress Plugin
------------------------------------------------------------------------

Peter Ganzevles, July 2016

------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Events Made Easy WordPress plugin 2016-08-04
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Events Made Easy WordPress plugin
------------------------------------------------------------------------

Job Diesveld, July 2016

---------------------------------------------------------

Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance 2016-08-04
Pedro Ribeiro (pedrib gmail com) (1 replies)
tl;dr

Lots of RCE, hardcoded credentials, stack buffer overflow and
information disclosure in the Nuuo NVRmini and other network video
recorders of the same vendor.

These vulnerabilities also affect the NETGEAR Surveillance app (which
can be installed on the NETGEAR ReadyNAS).

See the full

Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability 2016-08-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability

Advisory ID: cisco-sa-20160804-wedge

Revision 1.0

For Public Release 2016 August 4 16:00 GMT

+--------------------------------------

[SECURITY] [DSA 3641-1] openjdk-7 security update 2016-08-04
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3641-1 security (at) debian (dot) org
https://www.debian.org/security/ Moritz Muehlenhoff
August 04, 2016

[SYSS-2016-065] NASdeluxe NDL-2400r: OS Command Injection 2016-08-04
klaus eisentraut syss de
Advisory ID: SYSS-2016-065
Product: NASdeluxe NDL-2400r
Vendor: Starline Computer GmbH
Affected Version(s): 2.01.10
Tested Version(s): 2.01.09
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: no fix (product has reached EOL since 3 years)
Vendor Notification: 2016

FortiManager (Series) - (Bookmark) Persistent Vulnerability 2016-08-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FortiManager (Series) - (Bookmark) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1685

Fortinet PSIRT ID: 1624461

Release Notes 1: http://docs.fortinet.com/uploaded/files/2499/fortios-5.0.12-r
